1 /* Copyright (C) 1995-1998 Eric Young (eay (at) cryptsoft.com) 2 * All rights reserved. 3 * 4 * This package is an SSL implementation written 5 * by Eric Young (eay (at) cryptsoft.com). 6 * The implementation was written so as to conform with Netscapes SSL. 7 * 8 * This library is free for commercial and non-commercial use as long as 9 * the following conditions are aheared to. The following conditions 10 * apply to all code found in this distribution, be it the RC4, RSA, 11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * included with this distribution is covered by the same copyright terms 13 * except that the holder is Tim Hudson (tjh (at) cryptsoft.com). 14 * 15 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * the code are not to be removed. 17 * If this package is used in a product, Eric Young should be given attribution 18 * as the author of the parts of the library used. 19 * This can be in the form of a textual message at program startup or 20 * in documentation (online or textual) provided with the package. 21 * 22 * Redistribution and use in source and binary forms, with or without 23 * modification, are permitted provided that the following conditions 24 * are met: 25 * 1. Redistributions of source code must retain the copyright 26 * notice, this list of conditions and the following disclaimer. 27 * 2. Redistributions in binary form must reproduce the above copyright 28 * notice, this list of conditions and the following disclaimer in the 29 * documentation and/or other materials provided with the distribution. 30 * 3. All advertising materials mentioning features or use of this software 31 * must display the following acknowledgement: 32 * "This product includes cryptographic software written by 33 * Eric Young (eay (at) cryptsoft.com)" 34 * The word 'cryptographic' can be left out if the rouines from the library 35 * being used are not cryptographic related :-). 36 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * the apps directory (application code) you must include an acknowledgement: 38 * "This product includes software written by Tim Hudson (tjh (at) cryptsoft.com)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * SUCH DAMAGE. 51 * 52 * The licence and distribution terms for any publically available version or 53 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * copied and put under another distribution licence 55 * [including the GNU Public Licence.] */ 56 57 #include <openssl/asn1.h> 58 59 #include <limits.h> 60 #include <string.h> 61 62 #include <openssl/err.h> 63 #include <openssl/mem.h> 64 #include <openssl/obj.h> 65 66 67 int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) 68 { 69 unsigned char *p; 70 int objsize; 71 72 if ((a == NULL) || (a->data == NULL)) return(0); 73 74 objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT); 75 if (pp == NULL) return objsize; 76 77 p= *pp; 78 ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); 79 memcpy(p,a->data,a->length); 80 p+=a->length; 81 82 *pp=p; 83 return(objsize); 84 } 85 86 int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) 87 { 88 int i,first,len=0,c, use_bn; 89 char ftmp[24], *tmp = ftmp; 90 int tmpsize = sizeof ftmp; 91 const char *p; 92 unsigned long l; 93 BIGNUM *bl = NULL; 94 95 if (num == 0) 96 return(0); 97 else if (num == -1) 98 num=strlen(buf); 99 100 p=buf; 101 c= *(p++); 102 num--; 103 if ((c >= '0') && (c <= '2')) 104 { 105 first= c-'0'; 106 } 107 else 108 { 109 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE); 110 goto err; 111 } 112 113 if (num <= 0) 114 { 115 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER); 116 goto err; 117 } 118 c= *(p++); 119 num--; 120 for (;;) 121 { 122 if (num <= 0) break; 123 if ((c != '.') && (c != ' ')) 124 { 125 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_SEPARATOR); 126 goto err; 127 } 128 l=0; 129 use_bn = 0; 130 for (;;) 131 { 132 if (num <= 0) break; 133 num--; 134 c= *(p++); 135 if ((c == ' ') || (c == '.')) 136 break; 137 if ((c < '0') || (c > '9')) 138 { 139 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_INVALID_DIGIT); 140 goto err; 141 } 142 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 143 { 144 use_bn = 1; 145 if (!bl) 146 bl = BN_new(); 147 if (!bl || !BN_set_word(bl, l)) 148 goto err; 149 } 150 if (use_bn) 151 { 152 if (!BN_mul_word(bl, 10L) 153 || !BN_add_word(bl, c-'0')) 154 goto err; 155 } 156 else 157 l=l*10L+(long)(c-'0'); 158 } 159 if (len == 0) 160 { 161 if ((first < 2) && (l >= 40)) 162 { 163 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_SECOND_NUMBER_TOO_LARGE); 164 goto err; 165 } 166 if (use_bn) 167 { 168 if (!BN_add_word(bl, first * 40)) 169 goto err; 170 } 171 else 172 l+=(long)first*40; 173 } 174 i=0; 175 if (use_bn) 176 { 177 int blsize; 178 blsize = BN_num_bits(bl); 179 blsize = (blsize + 6)/7; 180 if (blsize > tmpsize) 181 { 182 if (tmp != ftmp) 183 OPENSSL_free(tmp); 184 tmpsize = blsize + 32; 185 tmp = OPENSSL_malloc(tmpsize); 186 if (!tmp) 187 goto err; 188 } 189 while(blsize--) 190 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); 191 } 192 else 193 { 194 195 for (;;) 196 { 197 tmp[i++]=(unsigned char)l&0x7f; 198 l>>=7L; 199 if (l == 0L) break; 200 } 201 202 } 203 if (out != NULL) 204 { 205 if (len+i > olen) 206 { 207 OPENSSL_PUT_ERROR(ASN1, a2d_ASN1_OBJECT, ASN1_R_BUFFER_TOO_SMALL); 208 goto err; 209 } 210 while (--i > 0) 211 out[len++]=tmp[i]|0x80; 212 out[len++]=tmp[0]; 213 } 214 else 215 len+=i; 216 } 217 if (tmp != ftmp) 218 OPENSSL_free(tmp); 219 if (bl) 220 BN_free(bl); 221 return(len); 222 err: 223 if (tmp != ftmp) 224 OPENSSL_free(tmp); 225 if (bl) 226 BN_free(bl); 227 return(0); 228 } 229 230 int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) 231 { 232 return OBJ_obj2txt(buf, buf_len, a, 0); 233 } 234 235 int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) 236 { 237 char buf[80], *p = buf; 238 int i; 239 240 if ((a == NULL) || (a->data == NULL)) 241 return(BIO_write(bp,"NULL",4)); 242 i=i2t_ASN1_OBJECT(buf,sizeof buf,a); 243 if (i > (int)(sizeof(buf) - 1)) 244 { 245 p = OPENSSL_malloc(i + 1); 246 if (!p) 247 return -1; 248 i2t_ASN1_OBJECT(p,i + 1,a); 249 } 250 if (i <= 0) 251 return BIO_write(bp, "<INVALID>", 9); 252 BIO_write(bp,p,i); 253 if (p != buf) 254 OPENSSL_free(p); 255 return(i); 256 } 257 258 ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, 259 long length) 260 { 261 const unsigned char *p; 262 long len; 263 int tag,xclass; 264 int inf,i; 265 ASN1_OBJECT *ret = NULL; 266 p= *pp; 267 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 268 if (inf & 0x80) 269 { 270 i=ASN1_R_BAD_OBJECT_HEADER; 271 goto err; 272 } 273 274 if (tag != V_ASN1_OBJECT) 275 { 276 i=ASN1_R_EXPECTING_AN_OBJECT; 277 goto err; 278 } 279 ret = c2i_ASN1_OBJECT(a, &p, len); 280 if(ret) *pp = p; 281 return ret; 282 err: 283 OPENSSL_PUT_ERROR(ASN1, d2i_ASN1_OBJECT, i); 284 return(NULL); 285 } 286 287 ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, 288 long len) 289 { 290 ASN1_OBJECT *ret=NULL; 291 const unsigned char *p; 292 unsigned char *data; 293 int i, length; 294 295 /* Sanity check OID encoding. 296 * Need at least one content octet. 297 * MSB must be clear in the last octet. 298 * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2 299 */ 300 if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL || 301 p[len - 1] & 0x80) 302 { 303 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); 304 return NULL; 305 } 306 /* Now 0 < len <= INT_MAX, so the cast is safe. */ 307 length = (int)len; 308 for (i = 0; i < length; i++, p++) 309 { 310 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) 311 { 312 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); 313 return NULL; 314 } 315 } 316 317 /* only the ASN1_OBJECTs from the 'table' will have values 318 * for ->sn or ->ln */ 319 if ((a == NULL) || ((*a) == NULL) || 320 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) 321 { 322 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL); 323 } 324 else ret=(*a); 325 326 p= *pp; 327 /* detach data from object */ 328 data = (unsigned char *)ret->data; 329 ret->data = NULL; 330 /* once detached we can change it */ 331 if ((data == NULL) || (ret->length < length)) 332 { 333 ret->length=0; 334 if (data != NULL) OPENSSL_free(data); 335 data=(unsigned char *)OPENSSL_malloc(length); 336 if (data == NULL) 337 { i=ERR_R_MALLOC_FAILURE; goto err; } 338 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; 339 } 340 memcpy(data,p,length); 341 /* reattach data to object, after which it remains const */ 342 ret->data =data; 343 ret->length=length; 344 ret->sn=NULL; 345 ret->ln=NULL; 346 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */ 347 p+=length; 348 349 if (a != NULL) (*a)=ret; 350 *pp=p; 351 return(ret); 352 err: 353 OPENSSL_PUT_ERROR(ASN1, c2i_ASN1_OBJECT, i); 354 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 355 ASN1_OBJECT_free(ret); 356 return(NULL); 357 } 358 359 ASN1_OBJECT *ASN1_OBJECT_new(void) 360 { 361 ASN1_OBJECT *ret; 362 363 ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); 364 if (ret == NULL) 365 { 366 OPENSSL_PUT_ERROR(ASN1, ASN1_OBJECT_new, ERR_R_MALLOC_FAILURE); 367 return(NULL); 368 } 369 ret->length=0; 370 ret->data=NULL; 371 ret->nid=0; 372 ret->sn=NULL; 373 ret->ln=NULL; 374 ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; 375 return(ret); 376 } 377 378 void ASN1_OBJECT_free(ASN1_OBJECT *a) 379 { 380 if (a == NULL) return; 381 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) 382 { 383 #ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ 384 if (a->sn != NULL) OPENSSL_free((void *)a->sn); 385 if (a->ln != NULL) OPENSSL_free((void *)a->ln); 386 #endif 387 a->sn=a->ln=NULL; 388 } 389 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) 390 { 391 if (a->data != NULL) OPENSSL_free((void *)a->data); 392 a->data=NULL; 393 a->length=0; 394 } 395 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) 396 OPENSSL_free(a); 397 } 398 399 ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, 400 const char *sn, const char *ln) 401 { 402 ASN1_OBJECT o; 403 404 o.sn=sn; 405 o.ln=ln; 406 o.data=data; 407 o.nid=nid; 408 o.length=len; 409 o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS| 410 ASN1_OBJECT_FLAG_DYNAMIC_DATA; 411 return(OBJ_dup(&o)); 412 } 413
